On 8/26/07, Alan Altmark <[EMAIL PROTECTED]> wrote: > Command auditing is already provided by ESMs. Nothing would change in > that respect.
It's different type of auditing, with different audience. When I would be paged in the middle of the night, I could search the operator console for smoking guns. Being able to see who was tampering with the thing the night before is enough to divert the call. Many installations will not allow the average support person to run SMF reports. And if they allow, it's not as much fun that I would like you to wake me up for it... Rob